Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(14)

Side by Side Diff: net/socket/ssl_client_socket_unittest.cc

Issue 2205433002: Implement ALPN in tlslite. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket.h" 5 #include "net/socket/ssl_client_socket.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <utility> 10 #include <utility>
(...skipping 2768 matching lines...) Expand 10 before | Expand all | Expand 10 after
2779 ssl_config.token_binding_params.push_back(TB_PARAM_ECDSAP256); 2779 ssl_config.token_binding_params.push_back(TB_PARAM_ECDSAP256);
2780 2780
2781 int rv; 2781 int rv;
2782 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); 2782 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
2783 EXPECT_THAT(rv, IsOk()); 2783 EXPECT_THAT(rv, IsOk());
2784 SSLInfo info; 2784 SSLInfo info;
2785 EXPECT_TRUE(sock_->GetSSLInfo(&info)); 2785 EXPECT_TRUE(sock_->GetSSLInfo(&info));
2786 EXPECT_FALSE(info.token_binding_negotiated); 2786 EXPECT_FALSE(info.token_binding_negotiated);
2787 } 2787 }
2788 2788
2789 // In tests requiring NPN, client_config.alpn_protos and 2789 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabledWithNPN) {
2790 // client_config.npn_protos both need to be set when using NSS, otherwise NPN is 2790 // False Start requires ALPN or NPN, and ECDHE, and an AEAD.
2791 // disabled due to quirks of the implementation.
2792
2793 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabled) {
2794 // False Start requires NPN/ALPN, ECDHE, and an AEAD.
2795 SpawnedTestServer::SSLOptions server_options; 2791 SpawnedTestServer::SSLOptions server_options;
2796 server_options.key_exchanges = 2792 server_options.key_exchanges =
2797 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2793 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2798 server_options.bulk_ciphers = 2794 server_options.bulk_ciphers =
2799 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2795 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2800 server_options.npn_protocols.push_back(std::string("http/1.1")); 2796 server_options.npn_protocols.push_back("http/1.1");
2801 SSLConfig client_config; 2797 SSLConfig client_config;
2802 client_config.npn_protos.push_back(kProtoHTTP11); 2798 client_config.npn_protos.push_back(kProtoHTTP11);
2803 ASSERT_NO_FATAL_FAILURE( 2799 ASSERT_NO_FATAL_FAILURE(
2804 TestFalseStart(server_options, client_config, true)); 2800 TestFalseStart(server_options, client_config, true));
2805 } 2801 }
2806 2802
2807 // Test that False Start is disabled without NPN. 2803 TEST_F(SSLClientSocketFalseStartTest, FalseStartEnabledWithALPN) {
2808 TEST_F(SSLClientSocketFalseStartTest, NoNPN) { 2804 // False Start requires ALPN or NPN, and ECDHE, and an AEAD.
2809 SpawnedTestServer::SSLOptions server_options; 2805 SpawnedTestServer::SSLOptions server_options;
2810 server_options.key_exchanges = 2806 server_options.key_exchanges =
2811 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2807 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2808 server_options.bulk_ciphers =
2809 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2810 server_options.alpn_protocols.push_back("http/1.1");
2811 SSLConfig client_config;
2812 client_config.alpn_protos.push_back(kProtoHTTP11);
2813 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, true));
2814 }
2815
2816 // Test that False Start is disabled without either ALPN or NPN.
2817 TEST_F(SSLClientSocketFalseStartTest, NoAlpnAndNoNpn) {
2818 SpawnedTestServer::SSLOptions server_options;
2819 server_options.key_exchanges =
2820 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2812 server_options.bulk_ciphers = 2821 server_options.bulk_ciphers =
2813 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2822 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2814 SSLConfig client_config; 2823 SSLConfig client_config;
2815 client_config.alpn_protos.clear(); 2824 client_config.alpn_protos.clear();
2816 client_config.npn_protos.clear(); 2825 client_config.npn_protos.clear();
2817 ASSERT_NO_FATAL_FAILURE( 2826 ASSERT_NO_FATAL_FAILURE(
2818 TestFalseStart(server_options, client_config, false)); 2827 TestFalseStart(server_options, client_config, false));
2819 } 2828 }
2820 2829
2821 // Test that False Start is disabled with plain RSA ciphers. 2830 // Test that False Start is disabled with plain RSA ciphers.
2822 TEST_F(SSLClientSocketFalseStartTest, RSA) { 2831 TEST_F(SSLClientSocketFalseStartTest, RSA) {
2823 SpawnedTestServer::SSLOptions server_options; 2832 SpawnedTestServer::SSLOptions server_options;
2824 server_options.key_exchanges = 2833 server_options.key_exchanges =
2825 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_RSA; 2834 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_RSA;
2826 server_options.bulk_ciphers = 2835 server_options.bulk_ciphers =
2827 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2836 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2828 server_options.npn_protocols.push_back(std::string("http/1.1")); 2837 server_options.alpn_protocols.push_back("http/1.1");
2829 SSLConfig client_config; 2838 SSLConfig client_config;
2830 client_config.npn_protos.push_back(kProtoHTTP11); 2839 client_config.alpn_protos.push_back(kProtoHTTP11);
2831 ASSERT_NO_FATAL_FAILURE( 2840 ASSERT_NO_FATAL_FAILURE(
2832 TestFalseStart(server_options, client_config, false)); 2841 TestFalseStart(server_options, client_config, false));
2833 } 2842 }
2834 2843
2835 // Test that False Start is disabled with DHE_RSA ciphers. 2844 // Test that False Start is disabled with DHE_RSA ciphers.
2836 TEST_F(SSLClientSocketFalseStartTest, DHE_RSA) { 2845 TEST_F(SSLClientSocketFalseStartTest, DHE_RSA) {
2837 SpawnedTestServer::SSLOptions server_options; 2846 SpawnedTestServer::SSLOptions server_options;
2838 server_options.key_exchanges = 2847 server_options.key_exchanges =
2839 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA; 2848 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_DHE_RSA;
2840 server_options.bulk_ciphers = 2849 server_options.bulk_ciphers =
2841 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2850 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2842 server_options.npn_protocols.push_back(std::string("http/1.1")); 2851 server_options.alpn_protocols.push_back("http/1.1");
2843 SSLConfig client_config; 2852 SSLConfig client_config;
2844 client_config.npn_protos.push_back(kProtoHTTP11); 2853 client_config.alpn_protos.push_back(kProtoHTTP11);
2845 // DHE is only advertised when deprecated ciphers are enabled. 2854 // DHE is only advertised when deprecated ciphers are enabled.
2846 client_config.deprecated_cipher_suites_enabled = true; 2855 client_config.deprecated_cipher_suites_enabled = true;
2847 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, false)); 2856 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, false));
2848 } 2857 }
2849 2858
2850 // Test that False Start is disabled without an AEAD. 2859 // Test that False Start is disabled without an AEAD.
2851 TEST_F(SSLClientSocketFalseStartTest, NoAEAD) { 2860 TEST_F(SSLClientSocketFalseStartTest, NoAEAD) {
2852 SpawnedTestServer::SSLOptions server_options; 2861 SpawnedTestServer::SSLOptions server_options;
2853 server_options.key_exchanges = 2862 server_options.key_exchanges =
2854 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2863 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2855 server_options.bulk_ciphers = 2864 server_options.bulk_ciphers =
2856 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128; 2865 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128;
2857 server_options.npn_protocols.push_back(std::string("http/1.1")); 2866 server_options.alpn_protocols.push_back("http/1.1");
2858 SSLConfig client_config; 2867 SSLConfig client_config;
2859 client_config.npn_protos.push_back(kProtoHTTP11); 2868 client_config.alpn_protos.push_back(kProtoHTTP11);
2860 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, false)); 2869 ASSERT_NO_FATAL_FAILURE(TestFalseStart(server_options, client_config, false));
2861 } 2870 }
2862 2871
2863 // Test that sessions are resumable after receiving the server Finished message. 2872 // Test that sessions are resumable after receiving the server Finished message.
2864 TEST_F(SSLClientSocketFalseStartTest, SessionResumption) { 2873 TEST_F(SSLClientSocketFalseStartTest, SessionResumption) {
2865 // Start a server. 2874 // Start a server.
2866 SpawnedTestServer::SSLOptions server_options; 2875 SpawnedTestServer::SSLOptions server_options;
2867 server_options.key_exchanges = 2876 server_options.key_exchanges =
2868 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2877 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2869 server_options.bulk_ciphers = 2878 server_options.bulk_ciphers =
2870 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2879 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2871 server_options.npn_protocols.push_back(std::string("http/1.1")); 2880 server_options.alpn_protocols.push_back("http/1.1");
2872 SSLConfig client_config; 2881 SSLConfig client_config;
2873 client_config.npn_protos.push_back(kProtoHTTP11); 2882 client_config.alpn_protos.push_back(kProtoHTTP11);
2874 2883
2875 // Let a full handshake complete with False Start. 2884 // Let a full handshake complete with False Start.
2876 ASSERT_NO_FATAL_FAILURE( 2885 ASSERT_NO_FATAL_FAILURE(
2877 TestFalseStart(server_options, client_config, true)); 2886 TestFalseStart(server_options, client_config, true));
2878 2887
2879 // Make a second connection. 2888 // Make a second connection.
2880 int rv; 2889 int rv;
2881 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); 2890 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv));
2882 EXPECT_THAT(rv, IsOk()); 2891 EXPECT_THAT(rv, IsOk());
2883 2892
2884 // It should resume the session. 2893 // It should resume the session.
2885 SSLInfo ssl_info; 2894 SSLInfo ssl_info;
2886 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); 2895 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info));
2887 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type); 2896 EXPECT_EQ(SSLInfo::HANDSHAKE_RESUME, ssl_info.handshake_type);
2888 } 2897 }
2889 2898
2890 // Test that False Started sessions are not resumable before receiving the 2899 // Test that False Started sessions are not resumable before receiving the
2891 // server Finished message. 2900 // server Finished message.
2892 TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBeforeFinished) { 2901 TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBeforeFinished) {
2893 // Start a server. 2902 // Start a server.
2894 SpawnedTestServer::SSLOptions server_options; 2903 SpawnedTestServer::SSLOptions server_options;
2895 server_options.key_exchanges = 2904 server_options.key_exchanges =
2896 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2905 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2897 server_options.bulk_ciphers = 2906 server_options.bulk_ciphers =
2898 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2907 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2899 server_options.npn_protocols.push_back(std::string("http/1.1")); 2908 server_options.alpn_protocols.push_back("http/1.1");
2900 ASSERT_TRUE(StartTestServer(server_options)); 2909 ASSERT_TRUE(StartTestServer(server_options));
2901 2910
2902 SSLConfig client_config; 2911 SSLConfig client_config;
2903 client_config.npn_protos.push_back(kProtoHTTP11); 2912 client_config.alpn_protos.push_back(kProtoHTTP11);
2904 2913
2905 // Start a handshake up to the server Finished message. 2914 // Start a handshake up to the server Finished message.
2906 TestCompletionCallback callback; 2915 TestCompletionCallback callback;
2907 FakeBlockingStreamSocket* raw_transport1 = NULL; 2916 FakeBlockingStreamSocket* raw_transport1 = NULL;
2908 std::unique_ptr<SSLClientSocket> sock1; 2917 std::unique_ptr<SSLClientSocket> sock1;
2909 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( 2918 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived(
2910 client_config, &callback, &raw_transport1, &sock1)); 2919 client_config, &callback, &raw_transport1, &sock1));
2911 // Although raw_transport1 has the server Finished blocked, the handshake 2920 // Although raw_transport1 has the server Finished blocked, the handshake
2912 // still completes. 2921 // still completes.
2913 EXPECT_THAT(callback.WaitForResult(), IsOk()); 2922 EXPECT_THAT(callback.WaitForResult(), IsOk());
(...skipping 29 matching lines...) Expand all
2943 2952
2944 // Test that False Started sessions are not resumable if the server Finished 2953 // Test that False Started sessions are not resumable if the server Finished
2945 // message was bad. 2954 // message was bad.
2946 TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBadFinished) { 2955 TEST_F(SSLClientSocketFalseStartTest, NoSessionResumptionBadFinished) {
2947 // Start a server. 2956 // Start a server.
2948 SpawnedTestServer::SSLOptions server_options; 2957 SpawnedTestServer::SSLOptions server_options;
2949 server_options.key_exchanges = 2958 server_options.key_exchanges =
2950 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA; 2959 SpawnedTestServer::SSLOptions::KEY_EXCHANGE_ECDHE_RSA;
2951 server_options.bulk_ciphers = 2960 server_options.bulk_ciphers =
2952 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM; 2961 SpawnedTestServer::SSLOptions::BULK_CIPHER_AES128GCM;
2953 server_options.npn_protocols.push_back(std::string("http/1.1")); 2962 server_options.alpn_protocols.push_back("http/1.1");
2954 ASSERT_TRUE(StartTestServer(server_options)); 2963 ASSERT_TRUE(StartTestServer(server_options));
2955 2964
2956 SSLConfig client_config; 2965 SSLConfig client_config;
2957 client_config.npn_protos.push_back(kProtoHTTP11); 2966 client_config.alpn_protos.push_back(kProtoHTTP11);
2958 2967
2959 // Start a handshake up to the server Finished message. 2968 // Start a handshake up to the server Finished message.
2960 TestCompletionCallback callback; 2969 TestCompletionCallback callback;
2961 FakeBlockingStreamSocket* raw_transport1 = NULL; 2970 FakeBlockingStreamSocket* raw_transport1 = NULL;
2962 std::unique_ptr<SSLClientSocket> sock1; 2971 std::unique_ptr<SSLClientSocket> sock1;
2963 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived( 2972 ASSERT_NO_FATAL_FAILURE(CreateAndConnectUntilServerFinishedReceived(
2964 client_config, &callback, &raw_transport1, &sock1)); 2973 client_config, &callback, &raw_transport1, &sock1));
2965 // Although raw_transport1 has the server Finished blocked, the handshake 2974 // Although raw_transport1 has the server Finished blocked, the handshake
2966 // still completes. 2975 // still completes.
2967 EXPECT_THAT(callback.WaitForResult(), IsOk()); 2976 EXPECT_THAT(callback.WaitForResult(), IsOk());
(...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after
3088 // Channel ID. 3097 // Channel ID.
3089 ssl_config.channel_id_enabled = true; 3098 ssl_config.channel_id_enabled = true;
3090 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); 3099 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
3091 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info)); 3100 EXPECT_TRUE(sock_->GetSSLInfo(&ssl_info));
3092 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type); 3101 EXPECT_EQ(SSLInfo::HANDSHAKE_FULL, ssl_info.handshake_type);
3093 EXPECT_TRUE(ssl_info.channel_id_sent); 3102 EXPECT_TRUE(ssl_info.channel_id_sent);
3094 } 3103 }
3095 3104
3096 TEST_F(SSLClientSocketTest, NPN) { 3105 TEST_F(SSLClientSocketTest, NPN) {
3097 SpawnedTestServer::SSLOptions server_options; 3106 SpawnedTestServer::SSLOptions server_options;
3098 server_options.npn_protocols.push_back(std::string("spdy/3.1")); 3107 server_options.npn_protocols.push_back("spdy/3.1");
3099 server_options.npn_protocols.push_back(std::string("h2")); 3108 server_options.npn_protocols.push_back("h2");
3100 ASSERT_TRUE(StartTestServer(server_options)); 3109 ASSERT_TRUE(StartTestServer(server_options));
3101 3110
3102 SSLConfig client_config; 3111 SSLConfig client_config;
3103 client_config.npn_protos.push_back(kProtoHTTP2); 3112 client_config.npn_protos.push_back(kProtoHTTP2);
3104 client_config.npn_protos.push_back(kProtoHTTP11); 3113 client_config.npn_protos.push_back(kProtoHTTP11);
3105 3114
3106 int rv; 3115 int rv;
3107 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); 3116 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv));
3108 EXPECT_THAT(rv, IsOk()); 3117 EXPECT_THAT(rv, IsOk());
3109 3118
3110 std::string proto; 3119 std::string proto;
3111 EXPECT_EQ(SSLClientSocket::kNextProtoNegotiated, sock_->GetNextProto(&proto)); 3120 EXPECT_EQ(SSLClientSocket::kNextProtoNegotiated, sock_->GetNextProto(&proto));
3112 EXPECT_EQ("h2", proto); 3121 EXPECT_EQ("h2", proto);
3113 } 3122 }
3114 3123
3115 // If npn_protos.empty(), then NPN should be disabled, even if 3124 // Server preference SHOULD win in ALPN.
davidben 2016/08/03 23:34:22 SHOULD -> should
Bence 2016/08/04 18:41:44 Done.
3116 // !alpn_protos.empty(). Tlslite does not support ALPN, therefore if NPN is 3125 TEST_F(SSLClientSocketTest, Alpn) {
3117 // disabled in the client, no protocol should be negotiated.
3118 TEST_F(SSLClientSocketTest, NPNClientDisabled) {
3119 SpawnedTestServer::SSLOptions server_options; 3126 SpawnedTestServer::SSLOptions server_options;
3120 server_options.npn_protocols.push_back(std::string("http/1.1")); 3127 server_options.alpn_protocols.push_back("h2");
3128 server_options.alpn_protocols.push_back("http/1.1");
3121 ASSERT_TRUE(StartTestServer(server_options)); 3129 ASSERT_TRUE(StartTestServer(server_options));
3122 3130
3123 SSLConfig client_config; 3131 SSLConfig client_config;
3124 client_config.alpn_protos.push_back(kProtoHTTP11); 3132 client_config.alpn_protos.push_back(kProtoHTTP11);
3133 client_config.alpn_protos.push_back(kProtoHTTP2);
3125 3134
3126 int rv; 3135 int rv;
3127 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); 3136 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv));
3137 EXPECT_THAT(rv, IsOk());
3138
3139 std::string proto;
3140 EXPECT_EQ(kProtoHTTP2, sock_->GetNegotiatedProtocol());
3141 }
3142
3143 // If the server supports ALPN but the client does not, then ALPN is not used.
3144 TEST_F(SSLClientSocketTest, AlpnClientDisabled) {
3145 SpawnedTestServer::SSLOptions server_options;
3146 server_options.alpn_protocols.push_back("foo");
3147 ASSERT_TRUE(StartTestServer(server_options));
3148
3149 SSLConfig client_config;
3150
3151 int rv;
3152 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv));
3128 EXPECT_THAT(rv, IsOk()); 3153 EXPECT_THAT(rv, IsOk());
3129 3154
3130 std::string proto; 3155 std::string proto;
3131 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported, 3156 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported,
3132 sock_->GetNextProto(&proto)); 3157 sock_->GetNextProto(&proto));
3133 } 3158 }
3134 3159
3135 TEST_F(SSLClientSocketTest, NPNServerDisabled) { 3160 TEST_F(SSLClientSocketTest, NPNServerDisabled) {
3136 SpawnedTestServer::SSLOptions server_options; 3161 SpawnedTestServer::SSLOptions server_options;
3137 ASSERT_TRUE(StartTestServer(server_options)); 3162 ASSERT_TRUE(StartTestServer(server_options));
(...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after
3418 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); 3443 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info));
3419 3444
3420 EXPECT_THAT(rv, IsError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN)); 3445 EXPECT_THAT(rv, IsError(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN));
3421 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING); 3446 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING);
3422 EXPECT_TRUE(ssl_info.cert_status & 3447 EXPECT_TRUE(ssl_info.cert_status &
3423 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED); 3448 CERT_STATUS_CERTIFICATE_TRANSPARENCY_REQUIRED);
3424 EXPECT_TRUE(sock_->IsConnected()); 3449 EXPECT_TRUE(sock_->IsConnected());
3425 } 3450 }
3426 3451
3427 } // namespace net 3452 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/test/spawned_test_server/base_test_server.h » ('j') | third_party/tlslite/tlslite/messages.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698